CWE-306 (关键功能的认证机制缺失) — Vulnerability Class 1097

1097 vulnerabilities classified as CWE-306 (关键功能的认证机制缺失). AI Chinese analysis included.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-0336	Improper Access Control in EMTA Grups PDKS — PDKS	8.1^AI	High^AI	2024-06-03
CVE-2024-20391	Cisco Secure Client 安全漏洞 — Cisco Secure Client	6.8	Medium	2024-05-15
CVE-2023-5935	Missing authentication for local web interface in Arc before v1.6.0 — Arc	7.4	High	2024-05-15
CVE-2024-27942	Siemens RUGGEDCOM CROSSBOW 访问控制错误漏洞 — RUGGEDCOM CROSSBOW	7.5	High	2024-05-14
CVE-2024-2860	Broadcom Brocade SANnav 安全漏洞 — Brocade SAnnav	7.8	High	2024-05-08
CVE-2023-37325	D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability — DAP-2622	8.1^AI	High^AI	2024-05-07
CVE-2021-34983	NETGEAR Multiple Routers httpd Missing Authentication for Critical Function Information Disclosure Vulnerability — Multiple Routers	6.5	-	2024-05-07
CVE-2024-3661	DHCP routing options can manipulate interface-based VPN traffic — DHCP	7.6	High	2024-05-06
CVE-2023-51587	Voltronic Power ViewPower getModbusPassword Missing Authentication Information Disclosure Vulnerability — ViewPower	7.5	-	2024-05-03
CVE-2023-50199	D-Link G416 httpd Missing Authentication for Critical Function Remote Code Execution Vulnerability — G416	8.8	-	2024-05-03
CVE-2023-44413	D-Link D-View shutdown_coreserver Missing Authentication Denial-of-Service Vulnerability — D-View	7.5	-	2024-05-03
CVE-2023-42121	Control Web Panel Missing Authentication Remote Code Execution Vulnerability — Control Web Panel	9.8	-	2024-05-03
CVE-2023-41187	D-Link DAP-1325 HNAP Missing Authentication Remote Code Execution Vulnerability — DAP-1325	8.8	-	2024-05-03
CVE-2023-41186	D-Link DAP-1325 CGI Missing Authentication Information Disclosure Vulnerability — DAP-1325	6.5	-	2024-05-03
CVE-2023-41183	NETGEAR Orbi 760 SOAP API Authentication Bypass Vulnerability — Orbi 760	8.8	-	2024-05-03
CVE-2023-39466	Triangle MicroWorks SCADA Data Gateway get_config Missing Authentication Information Disclosure Vulnerability — SCADA Data Gateway	7.5	-	2024-05-03
CVE-2023-39457	Triangle MicroWorks SCADA Data Gateway Missing Authentication Vulnerability — SCADA Data Gateway	9.8	-	2024-05-03
CVE-2023-38123	Inductive Automation Ignition OPC UA Quick Client Missing Authentication for Critical Function Authentication Bypass Vulnerability — Ignition	8.8	-	2024-05-03
CVE-2023-27357	NETGEAR RAX30 GetInfo Missing Authentication Information Disclosure Vulnerability — RAX30	6.5	-	2024-05-03
CVE-2024-32764	myQNAPcloud Link — myQNAPcloud Link	9.9	Critical	2024-04-26
CVE-2024-1491	Electrolink FM/DAB/TV Transmitter Missing Authentication for Critical Function — Compact DAB Transmitter	7.5	High	2024-04-18
CVE-2024-21846	Electrolink FM/DAB/TV Transmitter Missing Authentication for Critical Function — Compact DAB Transmitter	5.3	Medium	2024-04-18
CVE-2023-4857	Lenovo SMM/SMM2/FPC 安全漏洞 — SMM, SMM2, FPC	7.5	High	2024-04-15
CVE-2024-3701	Improper Authentication in com.transsion.kolun.aiservice — com.transsion.kolun.aiservice	9.8^AI	Critical^AI	2024-04-15
CVE-2024-3777	Ai3 QbiBot - Broken Access Control — QbiBot	9.8	Critical	2024-04-15
CVE-2024-3774	aEnrich Technology a+HRD - Exposure of Sensitive Data — a+HRD	5.3	Medium	2024-04-15
CVE-2024-30391	Junos OS: MX Series with SPC3, and SRX Series: When IPsec authentication is configured with "hmac-sha-384" and "hmac-sha-512" no authentication of traffic is performed — Junos OS	4.8	Medium	2024-04-12
CVE-2024-26235	Windows Update Stack Elevation of Privilege Vulnerability — Windows Server 2022, 23H2 Edition (Server Core installation)	7.8	High	2024-04-09
CVE-2023-1083	Welotec: improper access control in TK500v1 router series — TK515L	9.8	Critical	2024-04-09
CVE-2023-25493	Lenovo ThinkStation 安全漏洞 — BIOS	6.7	Medium	2024-04-05

Vulnerabilities classified as CWE-306 (关键功能的认证机制缺失) represent 1097 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.

Goal Reached Thanks to every supporter — we hit 100%!

CWE-306 (关键功能的认证机制缺失) — Vulnerability Class 1097